Do not pass the option "device" in rsyslog.conf by default when syslog server's source address is configured

[stephenxs]

Why I did it

An in-band syslog server will not receive any syslog if it is configured without a VRF specified, which is because eth0 is always specified as the device of a syslog server and the syslog packets will be sent to eth0 regardless of its destination IP address.

Work item tracking

• Microsoft ADO (number only):

How I did it

Pass the option "device" in rsyslog.conf only if when syslog server's source address is configured with a non-default VRF

How to verify it

Manually test:

1. Configuring a syslog server without VRF specified or with default as the VRF: no device passed in rsyslog.conf
2. Configuring a syslog server with non-default VRF: the configured VRF passed as device in rsyslog.conf

Which release branch to backport (provide reason below if selected)

• 201811
• 201911
• 202006
• 202012
• 202106
• 202111
• 202205
• 202211
• 202305

Tested branch (Please provide the tested image version)

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

[mssonicbld]

@StormLiangMS,@liushilongbuaa PR: #17616 is conflict with MS internal repo
Please complete the following PR by pushing fix commit to sonicbld/conflict_prefix/17616-fix
https://msazure.visualstudio.com/One/_git/Networking-acs-buildimage/pullrequest/9283703
Then comment "/azpw ms_conflict" to rerun PR checker.

[StormLiangMS]

/azp run ms_conflict

[azure-pipelines]

No pipelines are associated with this pull request.

[StormLiangMS]

/azpw ms_conflict

[StormLiangMS]

hi @qiluo-msft could you have expert to take a look at this PR? And there is an internal conflict.

[wen587]

/azpw ms_conflict

[qiluo-msft]

Is it covered by sonic-mgmt testcases? #Closed

[stephenxs]

Is it covered by sonic-mgmt testcases?

I do not think so. this was found by our internal QA test.

[qiluo-msft]

Is it covered by sonic-mgmt testcases?

I do not think so. this was found by our internal QA test.

Could you add a test for the behavior "an in-band syslog server will not receive any syslog if it is configured without a VRF specified"? #Closed

[stephenxs]

Is it covered by sonic-mgmt testcases?

I do not think so. this was found by our internal QA test.

Could you add a test for the behavior "an in-band syslog server will not receive any syslog if it is configured without a VRF specified"?

I'm not sure whether there is infra for such test cases. So, I need to check the details and get back to you
Is it possible to merge it first because it's a blocker to our 202305 release and then we will add the test case later?
Thanks

[qiluo-msft]

@prsunny Could you help review?

[qiluo-msft]

This is still applicable. We could not approve this PR if testcase is not implemented.

---

In reply to: 1890853775

[stephenxs]

This is still applicable. We could not approve this PR if testcase is not implemented.

In reply to: 1890853775

Test plan ready for review sonic-net/sonic-mgmt#11803

[qiluo-msft]

ADO 27353460
@StormLiangMS Please help backport.

[StormLiangMS]

hi @stephenxs @wen587 pls have test with 202305 on brcm/mellanox/cisco/marvell platform, would like to avoid regression.

[stephenxs]

hi @stephenxs @wen587 pls have test with 202305 on brcm/mellanox/cisco/marvell platform, would like to avoid regression.

@StormLiangMS this is platform independent feature. It was tested on 202305 on mellanox platform.

[wen587]

Hi @StormLiangMS , I tested the rsyslog.conf generation in 202305 PROD. I tried with one MGMTdevice and one non-MGMTdevice patching the PR.
Both devices show the same difference as below:

action(type="omfwd" Target="some_ip" Port="514" Protocol="udp" Device="eth0")
Changed to
action(type="omfwd" Target="some_ip" Port="514" Protocol="udp" Template="SONiCFileFormat")
Since SONiCFileFormat is the default template. So it just eliminates the Device variable. There should be no regression.

[mssonicbld]

Cherry-pick PR to 202311: #18518